Technology (33%) Flashcards
What is a virtual computer that allows you to rent & manage virtual servers in the cloud?
What are the instances?
EC2 - virtual computer
EC2 instances - virtual servers running on physical servers
How would you use EC2 in the real world? (2)
1) Deploy a database – gives you full control over the database
2) Deploy a web application – deploy to multiple AZs to make the web apps highly available
What are the ways to access an EC2 instance? (4)
1) AWS management console
2) Secure Shell (SSH) – allows you to establish a secure connection to your instance from your local laptop
3) EC2 Instance Connect (EIC) – allows you to use IAM policies to control SSH access to your instances, removing the need to manage SSH keys
4) AWS Systems Manager – allows you to manage instances via a web browser or AWS CLI
What is the most common way to connect to a Linux EC2 instance?
and how do you do it? (2)
Via a Secure Shell (SSH)
1) Generate a key pair (consists of a private key & public key, which proves your identity when connecting to an EC2 Instance)
2) Connect via SSH
a. SSH client on laptop uses private key, EC2 instance uses public key
EC2 Pricing Options (5) & when to use? 1 - 3 2 - 2 3 - 4 4 - 2 5 - 5
1) On-Demand: fixed price which you are billed down to the second.
When to use:
- no upfront payment or long-term commitment
- apps have unpredictable workloads that can’t be interrupted
- workloads will not run >1 year
2) Spot Instances (cheapest option) – let you take advantage of unused EC2 capacity. Request is fulfilled ONLY if capacity is available.
When to use:
- Not concerned about the start or stop time of application
- Workloads can be interrupted
3) Reserved instances – allows you to commit to a specific instance type in a particular region for 1 or 3 years
When to use:
- Your application has steady state and you can commit to 1 or 3 years (required to sign a contract)
- Application requires a capacity reservation.
- Has more flexibility to change instance family, operating system
- Can pay all upfront, partial upfront, or no upfront. All upfront for the max term earns the highest discount.
4) Dedicated hosts – allows you to pay for a physical server that is fully dedicated to running your instances (no multi-tenancy – server is not shared with other customers)
When to use:
- You want to bring your own server-bound software license from vendors like Microsoft or Oracle.
- Have regulatory or corporate compliance requirements around the tenancy model
5) Savings plan - allows you to commit to compute usage (measured per hour) for 1 or 3 years
When to use:
- You want to lower your bill across multiple compute services
- You want the flexibility to change compute services, instance types, operating systems, or regions.
- Not making a commitment to a dedicated host, just compute usage
- Savings can be shared across compute services like EC2, Fargate, and Lambda
- Does not provide a capacity reservation.
What is the term for the thing that automatically distributes your incoming application traffic across multiple EC2 instances?
What are the 4 types?
Elastic Load Balancing
4 types:
Classic, application, gateway, and network load balancers (e.g. greeter standing at the door distributing traffic)
What adds or replaces EC2 instances automatically across AZs, based on need and changing demand?
What is 1 benefit?
Auto scaling.
Benefit: Reduces the impact of system failures & improves the availability of your applications
What is horizontal scaling vs. vertical scaling?
1) Horizontal scaling (scaling out): adds or replaces instances
2) Vertical scaling (scaling up): upgrades an existing instance
Which service is a serverless compute service that lets you run code w/o managing servers (a dream come true for developers)?
What are three benefits?
What is one negative thing?
AWS Lambda
Benefits:
- You author application code (called functions), using many popular languages
- Scales automatically
- Serverless (don’t have to worry about managing servers like EC2)
Negative:
- Lambda functions have a 15-min timeout (not good for processes that run longer than 15 min)
How would you use Lambda in the real world? (3)
1) Real-time file processing (CSV data file upload)
2) Sending email notifications
3) Backend business logic (E.g. Lambda retrieves values from a database like DynamoDB and sends info back to Alexa device)
What is the Lambda Pricing Model?
What are the three components?
You are charged based on duration & number of requests
1) Compute time: pay only for compute time used (no charge if your code is not running)
2) Request count: counted each time it starts execution. Test invokes in the console count as well
3) Has an always free tier: the free usage tier includes 1 million free requests each month (even after the free usage tier expires, you have access to 1 million free lambda calls each month)
Your responsibility with Lambda vs. AWS’ responsibility?
Your responsibility - you are only responsible for your application code
AWS’ responsibility - AWS manages servers, coding environment, and language support.
What are containers?
You can place your applications in a container that can be transported & deployed to diff services and will be the application over and over again.
Which service is a serverless compute engine for containers?
What are the benefits? (3)
AWS Fargate
- Allows you to manage containers like Docker (leading container technology)
- Scales automatically
- Serverless – don’t worry about servers
Which service is a compute service that allows you to quickly launch all the resources you need for small projects?
What are the benefits? (4)
Amazon Lightsail
Benefits:
- Has simple screens for people with no cloud experience
- Includes a virtual machine, SSD-based storage, data transfer, DNS mgmt., and a static IP
- Provides a low, predictable monthly fee, as low as $3.50
Which service allows you to run cloud services in your internal data center?
What are the benefits?
AWS Outposts
Benefits:
- Supports workloads that need to remain on premises due to latency or data sovereignty needs (data needs to stay in a particular location)
- AWS delivers & installs servers in your internal data center
- Used for a hybrid experience (public & private cloud that talk to each other)
- Gives you access to the cloud services & APIs to develop apps on-premises
Which service allows you to process large workloads in smaller batches?
What are two benefits?
AWS Batch
Benefits:
- Runs hundreds & thousands of smaller batch processing jobs
- Dynamically supplies instances based on volume
Which service is an object storage service in the cloud that is highly available?
What are some details? (5)
Amazon S3
Details:
- Objects (or files) are stored in buckets (or directories)
- Essentially unlimited storage that can hold millions of objects per bucket
- Objects can be public or private
- You can upload objects via the console, the CLI, or through code
- A regional service, but bucket names must be globally unique (cannot be used by anyone else unless deleted)
What is S3 security like?
You can set security at the bucket level or individual object level using access control lists (ACLs), bucket policies, or access point policies.
Why is durability & availability important for S3?
What is S3 standard designed for?
1) Durability – Is important so your objects are never lost or compromised
- S3 standard is designed for 99.9% of durability
2) Availability – Is important so you can access your data quickly when you need it
- S3 standard is designed for 99.9% availability
How does S3 pricing work? (4)
You pay for the storage you use based on:
1) storage classes
2) storage (number and size of objects in S3 buckets)
3) data transferred out of S3 region, and
4) requests & data retrieval (requests made for data & amount of requests made)
What are the different storage classes & what are they recommended for? (7) 1 - 1 2 - 2 3 - 2 4 - 3 5 - 2 6 - 3 7 - 2
1) S3 Standard - general purpose storage, stored across multiple AZ zones, has low latency & high throughput
a. Recommended for: frequently accessed data
2) S3 Intelligent-Tiering – uses ML to automatically move your data to the most cost-effective storage
a. Automatic cost savings, no retrieval fees, data is stored across multiple AZ zones
b. Recommended for: data w/ unknown or changing access pattern
3) S3 Standard-Infrequent Access – data accessed less frequently but requires rapid access
a. Cheaper than S3 standard
b. Recommended for: long-lived data, infrequently accessed, millisecond access when needed
4) S3 One Zone-Infrequent Access (IA) – Like S3 Standard-IA but data stored in a single availability zone
a. Costs 20% less than S3 Standard-IA
b. Data stored in this storage can be lost
c. Recommended for: re-creatable data, infrequently accessed with millisecond access, availability & durability not essential (durability 99.9%, availability 99.5%)
5) S3 Glacier – long-term data storage & archival for lower costs
a. Data retrieval takes longer. Retrieval options: 1-5 mins, 3-5 hours, or 5-12 hours
b. Recommended for: long-term backups, cheaper storage options
6) S3 Glacier Deep Archive – like S3 Glacier but longer access times
a. Cheapest of all S3 options
b. 2 retrieval options: 12 hours or 48 hours
c. Recommended for: long-term data archival accessed once or twice per year, retaining data for regulatory compliance requirements
7) S3 Outposts - provides object storage on-premises (in local data center)
a. Only gives you a single storage class.
b. Recommended for: data that needs to be kept local, demanding application performance needs
How would you use S3 in the real world? (4)
1) Static websites – deploy static websites to S3 & use CloudFront for global distribution
2) Data Archive – archive data using Amazon Glacier as a storage option for Amazon S3
3) Analytics Systems – store data in S3 for use with analytics services
4) Mobile Applications – mobile application where users can upload files to an Amazon S3 bucket
What are other additional storage services? (5) 1 -3 2-4 3-3 4-2 5-2
1) Elastic Block Store (EBS) – a storage device (volume) that can be attached to (or removed from) your instance (like a flash drive)
a. Data persists when the instance is not running
b. Can only be attached to one instance in one AZ
c. Recommended for quickly accessible data, running a database on an instance, long-term data storage
2) Elastic File System (EFS) – a serverless network file system for sharing files
a. Only supports the Linux file system*
b. More expensive than EBS
c. Accessible across diff AZ in the same region
d. Recommended for main directories for business-critical apps, lift & shift existing enterprise apps
3) EC2 Instance Store – local storage that is physically attached to the host computer & cannot be removed
a. Storage on disks physically attached to an instance
b. Storage is temporary since data loss occurs when the EC2 instance is stopped
c. Recommended for temporary storage needs, data replicated across multiple instances
4) Storage Gateway – a hybrid storage service
a. Connect on-premises & cloud data (private & public)
b. Recommended for moving backups to the cloud, reducing costs for hybrid cloud storage, low latency access to data
5) AWS Backup – helps you manage data backups across multiple AWS services
a. Integrates w/ resources like EC2, EBS, and EFS
b. Creates a backup plan that includes frequency & retention
What is the term for a mechanism to deliver content quickly & efficiently based on your geographic location?
And what is its main benefit?
Content Delivery Network (CDN)
Benefit - provides low latency
What service is a CDN that delivers data & applications globally with low latency?
What are its benefits? (3)
Amazon CloudFront.
Benefits:
- Makes content available globally or restricts it based on location
- Speeds up delivery of static & dynamic web content
- Uses edge locations to cache (copy of a file) content
How would you use CloudFront in the real world? (3)
1) S3 static websites – used with S3 to deploy content globally
2) Prevent attacks – can stop certain web attacks like DDoS
3) IP address blocking – geo-restriction prevents users in certain countries from accessing content
Which service sends your users through the AWS global network when accessing your content, speeding up delivery (good for gaming)?
What are its benefits? (3)
Amazon Global Accelerator.
Benefits:
- Improves latency & availability of single-region applications
- Sends traffic through AWS global network infrastructure (gives 60% performance boost)
- Automatically re-routes traffic to healthy available regional endpoints
Which service improves content uploads & downloads to and from S3 buckets?
What are its benefits? (2)
Amazon S3 Transfer Acceleration
Benefits:
- Fast transfer of files over long distances
- Uses CF’s globally distributed edge locations
Which is a foundation service that allows you to create a secure private network in the AWS cloud where you launch your resources? (like a fence to protect the pizza shop)
What are the benefits? (3)
Amazon VPC (Virtual Private Cloud)
Benefits:
- Private virtual network
- Launch resources like EC2 instances inside the VPC
- Isolates and protects resources
What is the term that allows you to connect 2 VPCs together via AWS private network to make them behave as one?
VPC Peering
What service directs internet traffic by connecting domain names w/ web servers? (e.g. www.acloud.guru)
Domain Naming System (DNS)
What is a DNS service that routes users to applications?
What are its benefits? (3)
Amazon Route 53
Benefits:
- Domain name registration
- Performs health checks on AWS resources
- Supports hybrid cloud architectures
Which service is a dedicated physical network connection from your on-premises data center (private cloud) to AWS (public cloud)?
What are its benefits? (2)
AWS Direct Connect
- Data travels over a private network
- Supports a hybrid model (public & private cloud)
How would you use Direct Connect in the real world? (3)
1) Large datasets – transfer large datasets to AWS
2) Business-critical data (transfer internal data directly to AWS bypassing your internet service provider)
3) Hybrid model – build hybrid environments
Which service creates a secure connection between your internal networks & your AWS VPCs?
What are its benefits? (3)
AWS Site-to-Site VPN (Virtual Private Network)
Benefits:
- Is similar to Direct Connect but data travels over the public internet and is cheaper
- Data is automatically encrypted
- Connects your on-premises data center to AWS